Title: IBM AIX 'rpc.ttdbserver' Remote Buffer Overflow Vulnerability
Severity: CRITICAL
Description:
IBM AIX is a UNIX-based operating system.
AIX is prone to a remote buffer-overflow vulnerability that occurs in the ToolTalk library 'libbtt.a'. Specifically, the '_tt_internal_realpath()' function fails to perform boundary checks when copying user-supplied input to a buffer using the 'strcpy()' function. An attacker can exploit this issue by supplying a large XDR-encoded ASCII string as an argument for remote procedure 15 of the ToolTalk database server.
For an exploit to succeed, the 'rpc.ttdserver' process must be enabled in the '/etc/inetd.conf' configuration file.
Remote attackers can exploit this issue to execute arbitrary code with superuser privileges, which can result in the complete compromise of affected computers. Failed exploit attempts will cause a denial-of-service condition.
Affected Products:
- IBM AIX 5.2
- IBM AIX 5.3
- IBM AIX 6.1
References:
- IBM: AIX Homepage
- IBM: AIX libtt.a rpc.ttdbserver remote buffer overflow vulnerability
- RISE Security: RISE-2009001 ToolTalk rpc.ttdbserverd _tt_internal_realpath Buffer Overflow Vuln
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
